GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,082 advisories
MaLion for Mac 4.3.0 to 5.2.1 does not properly validate certificates, which may allow an...
Moderate | Unreviewed | CVE-2017-10819 was published May 13, 2022

The Radio Javan app 9.3.4 through 9.6.1 for iOS does not verify X.509 certificates from SSL...
Moderate | Unreviewed | CVE-2017-8938 was published May 13, 2022

The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers,...
Moderate | Unreviewed | CVE-2017-5914 was published May 13, 2022

Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to...
Moderate | Unreviewed | CVE-2018-18568 was published May 13, 2022

Improper Certificate Validation in Apache CXF
Moderate | CVE-2017-5653 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022

The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.23.0 through 9.23.2 for iOS...
Moderate | Unreviewed | CVE-2017-8936 was published May 13, 2022

The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath...
High | Unreviewed | CVE-2017-6594 was published May 13, 2022

iSmartAlarm cube devices have an SSL Certificate Validation Vulnerability.
High | Unreviewed | CVE-2017-7726 was published May 13, 2022

Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows...
Moderate | Unreviewed | CVE-2017-8060 was published May 13, 2022

Coordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and...
Moderate | Unreviewed | CVE-2016-4840 was published May 13, 2022

The Warner Bros. ellentube app 3.1.1 through 3.1.3 for iOS does not verify X.509 certificates...
Moderate | Unreviewed | CVE-2017-8939 was published May 13, 2022

Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not...
Moderate | Unreviewed | CVE-2016-1184 was published May 13, 2022

The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509...
Moderate | Unreviewed | CVE-2017-8935 was published May 13, 2022

The PUMA PUMATRAC app 3.0.2 for iOS does not verify X.509 certificates from SSL servers, which...
Moderate | Unreviewed | CVE-2017-8943 was published May 13, 2022

The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509...
Moderate | Unreviewed | CVE-2015-4094 was published May 13, 2022

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE...
High | Unreviewed | CVE-2015-0534 was published May 13, 2022

EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing...
High | Unreviewed | CVE-2017-4981 was published May 13, 2022

The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC...
Moderate | Unreviewed | CVE-2012-3037 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
High | Unreviewed | CVE-2018-7234 was published May 13, 2022

Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's...
Moderate | Unreviewed | CVE-2012-5824 was published May 13, 2022

An exploitable information disclosure vulnerability exists in the crash handler of the hubCore...
Moderate | Unreviewed | CVE-2018-3927 was published May 13, 2022

An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud...
High | Unreviewed | CVE-2018-4015 was published May 13, 2022

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code...
High | Unreviewed | CVE-2017-2784 was published May 13, 2022

A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL...
Critical | Unreviewed | CVE-2017-2800 was published May 13, 2022

An exploitable denial of service vulnerability exists within the reading of proprietary server...
Moderate | Unreviewed | CVE-2017-2836 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.